The pace of cloud adoption on the African continent is picking up rapidly, both within South Africa and beyond our borders, largely due to Covid-19 forcing organisations to be more flexible in how they deliver services to customers and staff.
However, this rapid shift into cloud has made many more organisations more vulnerable to cyberattacks, particularly because South Africa has a severe shortage of cybersecurity skills. That’s why cloud based businesses need to augment human capacity with agile technology that keeps learning to keep ahead of threats and counteract them before they happen.
That’s according to Adam Philpott, chief revenue officer at Trellix, a new business emerging from the unification of McAfee Enterprise and FireEye. Trellix delivers extended detection and response (XDR) to organisations, with a focus on accelerating technology innovation through machine learning and automation.
“South Africa and Africa may have lagged other countries in commencing digitisation, but the region has certainly caught up with its counterparts elsewhere in the world,” Philpott says. “The adoption of cloud-based services and remote working have accelerated significantly in the last couple of years, and the pace of this adoption continues to accelerate, despite there being insufficient skills sources to implement new projects, and maintain and protect them in the future.”
This is exacerbated by organisations not having a clear cybersecurity strategy and falling into the trap of buying and installing multiple different cybersecurity solutions as they’re introduced to the market.
Not only does this mean that there are more loopholes for cyberattacks to penetrate, where the various platforms don’t overlap, it also means that more skills are needed to learn and manage the multiple solutions, and to keep up to date with new developments that might impact their efficacy.
Malevolent actors are also growing in sophistication, volume, and frequency.
“Protection from the cyberthreats of the future, despite skills shortages, is possible with XDR architecture that keeps learning, so that you stay protected,” Philpott explains. “Global threat monitoring prioritises risks and proactively addresses vulnerabilities, while local vector telemetry surfaces insights from Trellix’s end to end native footprint, and from our vast open network of API partners. This means that we can detect and counteract threats before they even taken hold.”
Philpott adds that South African corporates here and abroad are ready for a different approach to cyber security, with customer needs far better addressed through ‘living security’ that is flexible and adaptable.
“Cyber security should work as an organism that evolves and grows with your business, as a ‘living security’ that offers threat resiliency through its wide network of interconnected threat sensors and capabilities,” he says.
“It should help you adapt, so that your business stays agile, with an automated orchestration playbook that responds to active threats, and a dynamic recalibration of prevention policies, at scale. Cybersecurity is no longer about prevention, detection, and response – all three need to be integrated into a remediation approach,” he adds.
Trellix’s XDR ecosystem is designed to accelerate the effectiveness of security operations by providing customers with the capability to ingest over six hundred native and open security technologies.
Using data science, algorithms and automation improves the productivity of security operations centres, providing security analysts with better insight, giving them more control, and delivering comprehensive threat contexts. This saves time for analysts, allowing them to focus on threat hunting and act decisively to remediate threats, while analytics automates out the low value, high volume incidents.